11-20
Cisco SCE 2000 and SCE 1000 Software Configuration Guide
OL-7827-12
Chapter 11 Identifying and Preventing Distributed-Denial-Of-Service Attacks
Preventing and Forcing Attack Detection
Preventing Attack Filtering
Attack filtering can be prevented for a specified IP address and attack type by executing a
dont-filter
CLI command. If filtering is already in process, it will be stopped. When attack filtering has been
stopped, it remains stopped until explicitly restored by another CLI command (either
force-filter
or
no
dont-filter
).
•
How to Configure a dont-filter Setting for a Specified Situation, page 11-20
•
How to Remove a dont-filter Setting from a Specified Situation, page 11-20
•
How to Remove All dont-filter Settings, page 11-20
How to Configure a dont-filter Setting for a Specified Situation
Step 1
From the SCE(config if)# prompt, type
attack-filter dont-filter protocol (((TCP|UDP) [dest-port
(port-number |not-specific))|ICMP|other) attack-direction
(((single-side-source|single-side-destination|single-side-both) (ip
ip-address
)|(dual-sided source-ip
source-ip-address
destination-ip
dest-ip-address
)) side (subscriber|network|both)
and press
Enter
.
How to Remove a dont-filter Setting from a Specified Situation
Step 1
From the SCE(config if)# prompt, type
no attack-filter dont-filter protocol (((TCP|UDP) [dest-port
(port-number |not-specific))|ICMP|other) attack-direction
(((single-side-source|single-side-destination|single-side-both) (ip
ip-address
)|(dual-sided source-ip
source-ip-address
destination-ip
dest-ip-address
)) side (subscriber|network|both)
and press
Enter
.
How to Remove All dont-filter Settings
Step 1
From the SCE(config if)# prompt, type
no attack-filter dont-filter all
and press
Enter
.
Forcing Attack Filtering
Attack filtering can be forced for a specified IP address/protocol. Forced attack filtering will continue
until undone by an explicit CLI command (either
no force-filter
or
dont-filter)
.
•
How to Configure a force-filter Setting for a Specified Situation, page 11-21
•
How to Remove a force-filter Setting from a Specified Situation, page 11-21
•
How to Remove All force-filter Settings, page 11-21